WPA/WPA2 with TKIP/AES-CCMP; 802.11i - LevelOne WAB-3000 User Manual

108Mbps Mesh AP/Bridge w/ Multi-SSID, VLAN

WAB–3000 Wireless Access Point

WPA/WPA2 with TKIP/AES-CCMP

WPA, an interim standard developed by the Wi-Fi Alliance, combines
several technologies. It includes the use of the 802.1x standard and the
Extensible Authentication Protocol (EAP). For encryption, it uses the
Temporal Key Integrity Protocol (TKIP) and WEP 128-bit encryption keys.
Finally, a message integrity check (MIC) is used to prevent an attacker
from capturing and altering or forging data packets. In addition, it can
employ a form of AES called AES-CCMP.
WPA is a subset of the 802.11i standard and is expected to maintain
forward compatibility.

802.11i

802.11i invokes four major categories of primary functions.
These primary functions include:
• EAP-TLS: Extensible Authentication Protocol Transport
Layer Security. EAP-TLS was compulsory for WPA2 Enterprise
products certified prior to April 15, 2005; for products
certified after this date, EAP-TLS testing is compulsory if
the product can support EAP-TLS. The only products that
might not support EAP-TLS are tightly integrated systems
that do not support software upgrades by a third party,
such as some cell phones intended for, e.g., the 3G market.
Non-tightly integrated products, like most laptop and PDA
adapters, must still support EAP-TLS to receive WPA2
certification.
• IEEE 802.1X: also known as port-based network access
control, 802.1X provides an authentication framework within
802.11i. 802.11i depends upon 802.1X to control the flow of
MSDUs between the DS and STAs by use of the IEEE 802.1X
Controlled/Uncontrolled Port model. IEEE 802.1X
authentication frames are transmitted in 802.11 Data frames and
passed via the IEEE 802.1X Uncontrolled Port. The 802.1X
Controlled Port is blocked from passing general data traffic
between two STAs until an 802.1X authentication procedure
completes successfully over the 802.1X Uncontrolled Port.
It is the responsibility of the authenticator (Access Point) to
implement port blocking. 802.11 depends upon IEEE 802.1X
and the EAPOL-Key 4-Way and Group Key Handshakes
to establish and change cryptographic keys. Keys are
established after authentication has completed. Keys may change
for a variety of reasons, including expiration of an IEEE
802.1X authentication timer, key compromise, danger of
compromise, or policy.
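The Controlled/Uncontrolled Port behaviour described above can be modelled as a small per-station filter. This is an added example, not code from the manual or the WAB-3000 firmware; the class and method names, the sample MAC address, and the choice to close the port when the re-authentication timer expires are assumptions made for illustration.

```python
from dataclasses import dataclass

ETHERTYPE_EAPOL = 0x888E  # EtherType used by IEEE 802.1X (EAPOL) frames
ETHERTYPE_IPV4 = 0x0800   # stands in for "general data traffic"

@dataclass
class StaPort:
    """Per-station port state held by the authenticator (hypothetical model)."""
    authenticated: bool = False   # 802.1X/EAP exchange succeeded
    keys_installed: bool = False  # EAPOL-Key 4-Way Handshake completed

class Authenticator:
    def __init__(self):
        self.ports = {}    # STA MAC -> StaPort
        self.dropped = []  # (mac, ethertype) of frames the AP refused to forward

    def on_eap_success(self, mac):
        self.ports.setdefault(mac, StaPort()).authenticated = True

    def on_four_way_done(self, mac):
        port = self.ports.setdefault(mac, StaPort())
        if not port.authenticated:
            # Keys are established only after authentication has completed.
            raise RuntimeError("4-Way Handshake before 802.1X authentication")
        port.keys_installed = True

    def on_reauth_timer_expired(self, mac):
        # Modelling assumption: expiry closes the port until the STA
        # re-authenticates and fresh keys are installed.
        self.ports[mac] = StaPort()

    def filter(self, mac, ethertype):
        port = self.ports.setdefault(mac, StaPort())
        if ethertype == ETHERTYPE_EAPOL:
            return "uncontrolled"  # authentication frames always pass
        if port.authenticated and port.keys_installed:
            return "controlled"    # data traffic allowed
        self.dropped.append((mac, ethertype))
        return "blocked"           # port blocking is the AP's responsibility

def run_demo():
    ap, sta = Authenticator(), "02:00:00:00:00:01"  # constructed sample MAC
    out = [ap.filter(sta, ETHERTYPE_IPV4), ap.filter(sta, ETHERTYPE_EAPOL)]
    ap.on_eap_success(sta)
    out.append(ap.filter(sta, ETHERTYPE_IPV4))  # authenticated, no keys yet
    ap.on_four_way_done(sta)
    out.append(ap.filter(sta, ETHERTYPE_IPV4))
    ap.on_reauth_timer_expired(sta)
    out.append(ap.filter(sta, ETHERTYPE_IPV4))
    return out

if __name__ == "__main__":
    print(run_demo())
```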
29000171-001 A
Chapter 1: Introduction